but the fbi says it's not the source, saying in a statement on twitter, we never had info in question. bottom line -- totally false. and now an orlando company that works with multiple online magazine publishers, bluetote.com, says it's the inadvertent source. >> in response to this we've brought in an independent team to begin evaluating and confirming what happened and putting things in place so that this doesn't happen again. >> is that door closed? >> the door is absolutely closed. >> reporter: closed thanks in part to david schutz, a virginia-based security analyst, who discovered it was not an fbi file but came from bluetote.com. >> everybody goes crazy about the government having this information, but they never seem to think that it's bad that corporations might also have this information. and more often than not, it's the corporations who are tracking all this stuff. >> apple tells us programmers are moving away from using those i.d. numbers in apps. but for the devices that have already been compromised, experts say the only solution may be to buy a brand-new iphone or ipad.